<?php require_once('../Connections/STN.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  if (PHP_VERSION < 6) {
    $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
  }

  $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}
}
?>
<?php
//verificar se ja tem session criada



// *** Validate request to login to this site.
if (!isset($_SESSION)) {
  session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
  $_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['login'])) {
  $loginUsername=$_POST['login'];
  $password=$_POST['senha'];
  $MM_fldUserAuthorization = "";
  $MM_redirectLoginSuccess = "index.php";
  $MM_redirectLoginFailed = "login.php";
  $MM_redirecttoReferrer = false;
  mysql_select_db($database_STN, $STN);
  
  $LoginRS__query=sprintf("SELECT USU_LOGIN, USU_CODIGO, USU_SENHA FROM tb_usuarios WHERE USU_LOGIN=%s AND USU_SENHA=%s",
    GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text")); 
   
  $LoginRS = mysql_query($LoginRS__query, $STN) or die(mysql_error());
  $loginFoundUser = mysql_num_rows($LoginRS);
  $row_loginFoundUser = mysql_fetch_assoc($LoginRS);

  if ($loginFoundUser) {
     $loginStrGroup = "";
    
	if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();}
    //declare two session variables and assign them
    $_SESSION['MM_Username'] = $loginUsername;
    $_SESSION['MM_UserGroup'] = $loginStrGroup;
	$codigo=$row_loginFoundUser['USU_CODIGO'];
	$_SESSION['codigo']= $codigo;    
	
	//registrando data de ultimo acesso
	$query_acesso = "update tb_usuarios set USU_ULTIMO_ACESSO = current_timestamp where USU_LOGIN = '$loginUsername'";
	$RSacesso = mysql_query($query_acesso , $STN);
	
    if (isset($_SESSION['PrevUrl']) && false) {
      $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];	
    }
		
	
    header("Location: " . $MM_redirectLoginSuccess );
  }
  else {
    header("Location: ". $MM_redirectLoginFailed );
  }
}
?>
<!DOCTYPE HTML>
<html lang="pt-br">
<head>
	<meta charset="UTF-8" />
	<link  href="css/admin.css" rel="stylesheet" type="text/css" />
	<title>..::A SALA DO TIO NALDINHO::..</title>
</head>

<body>
<div id="main">
        <div id="header">
            <a href="#" class="logo"><img src="img/logo.gif" width="101" height="29" alt="" /></a>   
        </div>
        <div id="middle">
            <div id="left-column">
            </div>
            <div id="center-column">

<form ACTION="<?php echo $loginFormAction; ?>" name="login" method="POST">
	<table align="center">
    <tr>
   	  <th colspan="3">P&aacute;gina de acesso</th>
    </tr>
    <tr>
    	<td><label for="login"><h3>Login:</h3></label></td>
        <td><input type="text" name="login" id="login" maxlength="100" required="required" autofocus="autofocus" /></td>
    </tr>
    <tr>
    	<td><label for="senha"><h3>Senha:</h3></label></td>
        <td><input type="password" name="senha" id="senha" maxlength="100" required="required" /></td>
    </tr>
    <tr>
   	  <td colspan="2" align="right"><input type="submit" value="Entrar" /></td>
    </tr>

	</table>
</form>

                </div>
               
            </div>
<div id="footer"><p>&copy;COPYRIGHT <a href="http://twitter.com/jrnescau" target="_blank">Nescau</a> e <a href="http://twitter.com/JessuirCleydson" target="_blank">Jessuir</a> 2012. </p></div>
    </div>
</body>
</html>